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REMARKS 

Reconsideration of the rejections set forth in the Office Action is respectfully requested. 
Currently, claims 1-20 are pending in this application. 

First Rejection under 35 USC 103 

Claims 1-20 were rejected under 35 USC 103 as unpatentable over Chen (Flexible 
Control of a Parallelism in a Multiprocessor PC Router) in view of Applicants Admitted Prior 
Art (AAPA). and further in view of Venkatanarayan (U.S. Patent Application Publication No. 
2005/0044221), and still further in view of Shneyderman (Mobile VPNs for next generation 
GPRS and UMTS networks). This rejection is respectfully traversed in view of the following 
arguments. 

This application relates to a method and apparatus for allocating processing capacity of 
system processing units in an extranet gateway. As discussed by applicants (see e.g. paragraph 
7) an Extranet Gateway may be used to connect a VPN site to one or more VPN tunnels. As the 
number of VPN tunnels supported by a given ExtTanet Gateway increases, the load on its CPU 
increases. (See e.g. Paragraph 8). To overcome this issue, Extranet gateways were known to be 
implemented using multiple CPUs and encryption accelerators (SPUs). (See e.g. Paragraph 9). 
VPN tunnels would then be assigned to one of the multiple SPUs using a round robin assignment 
scheme. (See e.g. Paragraph 10). 

Applicants recognized that assigning VPN tunnels in a round-robin fashion was not ideal 
and proposed a more intelligent way of assigning VPN tunnels to System Processing Units 
(SPUs) in an Extranet Gateway. The combination of references does not teach or suggest the 
method developed by applicants, which is recited for example in independent claim 1, or a 
network element that is configured to perform the method as recited in independent claim 14. 

The Examiner cited four references which, in combination, the Examiner contends teach 

each limitation of claim 1. For reference, claim 1 is repeated below: 

Claim 1 . A method of allocating processing capacity of system processing units 
in an extranet gateway ? the method comprising the steps of: 

establishing a first initial expected available bandwidth of a first of the 
system processing units; 

establishing a second initial expected available bandwidth of a second of 
the system processing units: and 
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assigning a Virtual Private Network (VPN) tunnel to one of the first and 
second system processing units for processing by assessing current available 
bandwidths of the first and second system processing units, the current available 
bandwidths being determined by assessing the initial expected available 
bandwidth for that system processing unit as decremented by other processing 
requirements for that system processing unit. 

Essentially, applicants proposed to assign VPN tunnels to SPUs of an extranet gateway by first 
establishing the initial expected available bandwidth of each of the SPUs, and then assigning the 
VPN tunnels by looking at the current available bandwidth of the SPUs. The current available 
bandwidth is determined, as recited in claim 1, by assessing the initial expected available 
bandwidth for that system processing unit as decremented by other processing requirements for 
that system processing unit. The combination of references does not teach or suggest assigning 
VPN tunnels to SPUs in this manner. 

The Examiner has taken the position that Chen teaches that it is known that different 
CPUs have different processing speeds which is related to their throughput, and that applicants 
admitted that it was known to assign tunnels to processors. 

The Examiner then contends that Venkatanarayan discloses assessing current available 
bandwidths of the first and second system processing units, citing Fig. 2 and paragraph 17. 
Applicants respectfully disagree, Venkatanarayan teaches a computer that has several network 
adapters 12a, 1 2b. When a processor receives a packet, an internal load balancer selects a port to 
transmit the packet. For example, the internal load balancer may select the port with the highest 
available bandwidth (See e.g. Par. 17, lines 7-11, Par. 20 last 5 lines). Thus, Venkatanarayan 
does not disclose assessing the available bandwidths of the first and second system processing 
units. Rather, in Venkatanarayan the packet is sent to a processing card, and then an internal 
load balancing system on the card selects an output port for the packet based on the available 
bandwidths of the ports. Accordingly, applicants respectfully submit that Venkatanarayan does 
not teach or suggest assessing currently available bandwidth of System Processing Units. Note 
in this regard that "System Processing Units" is a defined term in this application (see Paragraph 
9 - u CPUs and hardware accelerators will be referred to herein as system processing units 
(SPUs)."). 

Claim 1 further recites that the current available bandwidth is determined by assessing 
the initial expected available bandwidth for that system processing unit as decremented by other 



-3- 

P«S 7/1 1 * RCVD AT 5/15^008 4:39:27 PKI [Easton D^IigM Time] 4 SVR:U»>TO-EFXRF-6/10 * DN1S:2738300 * CSID:9783713219 ^ DURATION (mm-ss):02«08 



05/15/2008 15:37 9783713219 



JOHN GQRECKI 



PAGE 08/11 



Amendment Dated May 15. 2008 
Serial No. 10/736,062 

processing requirements for that system processing unit. The Examiner admits that the 
combination of Chen, AAPA, and Venkatanarayan does not teach this, but contends that this 
feature is shown in Shneyderman. Applicants also disagree with this conclusion. 

As support for this position, the Examiner has cited two portions of Shneyderman - Page 
7 f paragraph 7, and page 7, paragraph 11. Page 7 of Shneyderman describes Lucent's 
SpringTide 7000 IP Service Switch platform. In paragraph 6 of page 7, Shneyderman explains 
that the SpringTide switch can terminate thousands of individual tunnels. In Paragraph 7, 
Shneyderman states that the SpringTide 7000 can handle multiple tunnels over each of its 
interfaces- Shneyderman continues to state that "The number of tunnels supported is limited 
only by the amount of memory and processing power of the routing/tunneling engines 
available...'* Shneyderman then states that the SpringTide 7000 handles traffic flows that are 
aggregated at its interfaces. Nothing in this paragraph teaches or suggests assessing an available 
bandwidth for a system processing unit as decremented by other processing requirements for that 
system processing unit. 

Paragraph 11 is similarly unhelpful for the Examiner's position. In paragraph 11, 
Shneyderman states that the SpringTide 7000 uses virtual routers and that each virtual router is 
assigned its own dedicated CPU cycles. This has nothing to do with assessing an available 
bandwidth for a system processing unit as decremented by other processing requirements for that 
system processing unit. 

Accordingly, applicants respectfully submit that the combination of four references cited 
by the Examiner would not have taught or suggested what is currently claimed in independent 
claim 1. Specifically, the cited art does not teach or suggest assigning tunnels to processors by 
assessing the available bandwidths of the first and second processing units. Likewise, and 
building on this, the cited art does not teach or suggest that the available bandwidths used in this 
process of assigning should be calculated by assessing an available bandwidth for a system 
processing unit as decremented by other processing requirements for that system processing unit. 
In view of these deficiencies, applicants respectfully request that the Examiner withdraw the 
rejection of claim 1 and those claims dependent thereon. Independent claim 14 is likewise 
patentable for these same reasons. 
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Second Rejection 

Claims 1-20 were rejected under 35 USC 103 as unpatentable over in view of Applicants 
Admitted Prior Art (AAPA), and further in view of Pham (U.S. Patent Application Publication 
No. 2003/0074473), and still further in view of Shneyderman. This rejection is respectfully 
traversed in view of the following arguments. 

In connection with the previous rejection, applicants pointed out that the combination of 
references did not teach or suggest (1) assigning tunnels to processors by assessing the available 
bandwidths of the first and second processing units; and (2) that the available bandwidths used to 
assign tunnels to SPUs should be calculated by assessing an available bandwidth for a SPU as 
decremented by other processing requirements for that SPU. This new combination of 
references similarly fails to teach or suggest these two features. 

As noted above, claim 1 recites a method including the step of: "assigning a Virtual 
Private Network (VPN) tunnel to one of the first and second system processing units for 
processing by assessing current available bandwidths of the first and second system processing 
units.'" The Examiner has agreed that the combination of Chen and the art described in the 
background of this application does not do this. 

Pham teaches a system in which each packet is passed to a packet processor according to 
the current available bandwidth of the packet processors. For example, in Paragraph 60 Pham 
states that a load balancer process is used whenever a packet is to be internally routed within the 
router. Pham continues in some detail for the next five paragraphs or so to describe how each 
packet is individually load balanced to one of the packet processors based on the state of the 
packet processor and/or the switch fabric. Thus, Pham does not teach or suggest assigning 
tunnels to processors, but rather teaches that all of the processors should be kept available to 
process packets as they arrive. 

The Examiner has contended that the fact that Pham assigns to packets to processors 
based on their availability would have led a person skilled in the art to assign tunnels to 
processors in this manner. Applicants rather contend that Pham teaches away from assigning 
tunnels to processors, since pre-assigning tunnels to packet processors would have fundamentally 
altered the way in which Pham's device worked and would have defeated the purpose of Pham's 
load balancing process which relies on having all of the processors available to process incoming 
packets to achieve real time line rate packet processing. Accordingly, applicants respectfully 
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submit that a person of ordinary skill in the art would not have been motivated to modify the way 
tunnels were assigned to SPUs based on the teachings of Pham. If anything, Pharo would have 
taught/suggested that assigning tunnels to SPUs was a bad thing. With this in mind, a person 
would not have been motivated to look for a new way to assign SPUs, but would have been 
instead motivated to try to do away with SPU/tunnel assignments all together. 

The Examiner cited Shneydemian as teaching that tunnels should be assigned by 
assessing an available bandwidth for a system processing unit as decremented by other 
processing requirements for that system processing unit. As discussed above, Shneyderman does 
not mention assigning tunnels to processors and certainly docs not get into the particular method 
that should be used to assign tunnels to processors. Thus, for the same reasons set forth above, 
applicants respectfully submit that Shneyderman does not teach or suggest assessing an available 
bandwidth for a system processing unit as decremented by other processing requirements for that 
system processing unit, or using this value in connection with assigning tunnels to SPUs. 

Accordingly, applicants respectfully submit that the combination of four references cited 
by the Examiner would not have rendered the invention set forth in the independent claims 
obvious. Rather, one of the references teaches away from looking for a new way. to assign 
tunnels to processors by instead using all processors to process all packets, and the other 
reference is silent as to the details reflected in the claims that describe how the tunnel assignment 
is performed. In light of these deficiencies, applicants respectfully request that the rejection 
under 35 USC 103 be withdrawn. 

Conclusion 

In view of foregoing remarks, it is respectfully submitted that the application is now in 
condition for allowance and an action to this effect is respectfully requested. If there are any 
questions or concerns regarding the amendments or these remarks, the Examiner is requested to 
telephone the undersigned at the telephone number listed below. 
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If any fees are due in connection with this filing, the Commissioner is hereby authorized 
to charge payment of the fees associated with this communication or credit any overpayment to 
Deposit Account No. 502246 (Ref: NN-1 6263). 



John C. Gorecki, Esq 
P.O. Box 553 
Carlisle, MA 01741 
Tel: (978)371-3218 
Fax: (978) 371-3219 
iohn@gorecki.us 
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